diff include/freeDiameter/freeDiameter.h @ 43:2db15632a63d

Added a large part of connection establishment logic, to test
author Sebastien Decugis <sdecugis@nict.go.jp>
date Wed, 25 Nov 2009 19:07:09 +0900
parents f4d94bc65e1f
children a58f0757c06a
--- a/include/freeDiameter/freeDiameter.h	Thu Nov 19 17:51:23 2009 +0900
+++ b/include/freeDiameter/freeDiameter.h	Wed Nov 25 19:07:09 2009 +0900
@@ -335,6 +335,7 @@
 		uint32_t	pir_firmrev;	/* Content of the Firmware-Revision AVP */
 		int		pir_relay;	/* The remote peer advertized the relay application */
 		struct fd_list	pir_apps;	/* applications advertised by the remote peer, except relay (pi_flags.relay) */
+		int		pir_isi;	/* Inband-Security-Id advertised (PI_SEC_* bits) */
 		
 		int		pir_proto;	/* The L4 protocol currently used with the peer (IPPROTO_TCP or IPPROTO_SCTP) */
 		const gnutls_datum_t 	*pir_cert_list; 	/* The (valid) credentials that the peer has presented, or NULL if TLS is not used */
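Review bot: The comment on the new `pir_isi` field does not say that the value is only a claim made by the remote peer, nor what 0 means (no Inband-Security-Id AVP received, as opposed to the peer advertising no security). The callback documentation changed in this same commit tells validation callbacks to read this field when deciding whether a connection without TLS is acceptable, so I would spell it out, e.g. `/* Inband-Security-Id values advertised by the peer (PI_SEC_* bits); not authenticated, 0 if no such AVP was received -- TODO confirm */`. As a bit mask it would also read better as `uint32_t pir_isi;`, like `pir_firmrev` above, although the PI_SEC_* definitions are not visible in this hunk. The enclosing structure starts and ends outside the hunk.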
@@ -422,14 +423,15 @@
  *   This callback is called when a new connection is being established from an unknown peer,
  * after the CER is received. An extension must register such callback with peer_validate_register.
  *
- *   If (info->pi_flags.sec == PI_SEC_TLS_OLD) the extension may instruct the daemon explicitely
- * to not use TLS by clearing info->pi_flags.inband_tls -- only if inband_none is set.
+ *   The callback can learn if the peer has sent Inband-Security-Id AVPs in runtime.pir_isi fields.
+ * It can also learn if a handshake has already been performed in runtime.pir_cert_list field.
+ * The callback must set the value of config.pic_flags.sec appropriately to allow a connection without TLS.
  *
- *   If (info->pi_flags.sec == PI_SEC_TLS_OLD) and info->pi_flags.inband_tls is set,
+ *   If the old TLS mechanism is used,
  * the extension may also need to check the credentials provided during the TLS
  * exchange (remote certificate). For this purpose, it may set the address of a new callback
  * to be called once the handshake is completed. This new callback receives the information
- * structure as parameter (with pi_sec_data set) and returns 0 if the credentials are correct,
+ * structure as parameter (with pir_cert_list set) and returns 0 if the credentials are correct,
  * or an error code otherwise. If the error code is received, the connection is closed and the 
  * peer is destroyed.
  *
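Review bot: The rewritten paragraph says the callback must set `config.pic_flags.sec` to allow a connection without TLS, but it does not say what the daemon does when the callback leaves that field untouched; for a security decision the default should be documented as fail-closed. I would add a sentence such as `If the callback does not change config.pic_flags.sec, TLS remains required for this peer.`, assuming that is what the implementation does, which is not visible here. The text should also state that `runtime.pir_isi` is only what the peer advertised, so a callback should not relax TLS on that value alone, and that `runtime.pir_cert_list` is NULL when no handshake took place. "If the old TLS mechanism is used" no longer names a condition the callback can test, unlike the removed `PI_SEC_TLS_OLD` wording. The comment block starts and ends outside the hunk.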
@@ -544,4 +546,12 @@
 void fd_ep_dump_one( char * prefix, struct fd_endpoint * ep, char * suffix );
 void fd_ep_dump( int indent, struct fd_list * eps );
 
+/***************************************/
+/*   Applications lists helpers        */
+/***************************************/
+
+int fd_app_merge(struct fd_list * list, application_id_t aid, vendor_id_t vid, int auth, int acct);
+int fd_app_find_common(struct fd_list * target, struct fd_list * reference);
+int fd_app_gotcommon(struct fd_list * apps);
+
 #endif /* _FREEDIAMETER_H */
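Review bot: The three `fd_app_*` prototypes are added without any description comment, so the contract a caller needs is missing: what the `int` return means for each one (error code or boolean, notably for `fd_app_gotcommon`), and which of `target` and `reference` is modified by `fd_app_find_common`. These helpers presumably operate on lists such as `pir_apps`, which hold what the remote peer advertised, so the header should also say whether `fd_app_merge` allocates an entry that the list then owns and how a duplicate `aid` is handled. If `reference` and `apps` are only read, declaring them `const struct fd_list *` would make that visible; the implementations are not part of this diff, so this needs confirming.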